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DETAILED ACTION 
Claim Rejections - 35 USC § 103 

1 . The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 1 02 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

2. Claims 1-9 are rejected under 35 U.S.C. 103(a) as being unpatentable over Li et 
al 20050226423 (hereinafter Li) in view of Zhang et al 20040214570 (hereinafter 
Zhang). 

Regarding claims 1 and 5, Li discloses a wireless LAN access authentication 
System and method in a network system comprising a plurality of wireless LAN network 
systems (WLAN cells 1 , 2 and 3, see fig. 1 , p.1 , [0005]) and a center station that 
controls said plurality o f wireless LAN networks systems in a centralized manner 
(backbone network, see fig. 1, p.1, [0005]), each said plurality of wireless LAN network 
systems comprising access point sections (AP1 1 , AP21 and AP31 , see fig. 1 , p.1 , 
[0005]-[0006]) accessed by a radio terminal apparatus (mobile hosts MHs, see fig. 1, 
p.1, [0005]) that transmits/receives a radio signal through a radio section and a gateway 
apparatus which relays transmission/reception of data signals and control signals 
between said access point sections (wireless gateway 51, 52 and 53, see fig. 1, 
p.[0005], p.2, [0027]), said center station comprising a center station gateway apparatus 
that relays transmission/reception of data signals and control signals between the 
gateway apparatuses of said plurality wireless LAN network systems (inherent, since 
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the backbone network 4 receives an authentication request containing identity 
information I and sends property infonnation P to the AP through the wireless gateway, 
indicating that the backbone network has a gateway through which it routes the 
information from the authentication server to the wireless gateways of the WLAN cells, 
see fig. 1, p.2, [0027]) and an authentication server that performs access authentication 
on said radio terminal apparatus which has accessed said access point sections 
(authentication server, see p.2, [0025]) and distributes cryptographic keys (key see p.2, 
[0029]) used for encryption of a radio section through which said access-authenticated 
radio tenninal apparatus carries out communication to said radio tenninal apparatus and 
said access point section (see figs. 1 and 2c, p.2, [0027], [0029]) said wireless LAN 
access authentication system comprising: an access control section (wireless gateway 
51 , 52 and 53, see fig. 1 , p.1 , [0005]) provided for each of said plurality of wireless LAN 
network systems for controlling the situation of access of said radio terminal apparatus 
in the own communication area to said authentication server (see figs. 1 and 2a, p.2, 
[0027]) and checking the presence/absence access of said radio tenninal apparatus to 
said authentication server when said radio terminal apparatus moves to a 
communication area of a new access point section (see fig. 1 , p.1 , [0006]); and a 
cryptographic key control section (AP1 1, AP21 and AP31, see fig. 1, p.1, [0005]-[0006]) 
provided for each of said plurality of wireless LAN network systems for controlling 
cryptographic keys distributed from said authentication server and distributing (see figs. 
1 and 2a, p.2, [0027]), when said access control section confirms that said radio 
terminal apparatus which has moved to the communication area of the other access 
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point section has already accessed said authentication server, the cryptographic key for 
said radio section through which said radio temiinal apparatus carries out 
communication to said radio tenninal apparatus and said new access point section in 
the area to which said radio terminal apparatus has moved (see fig. 1, p.1, [0006]). 

Li fails to disclose wherein said plurality of wireless LAN network systems 
comprising at least two access point sections. 

In the same field of endeavor, Zhang discloses wherein said wireless LAN 
network system (wireless LAN 20, see fig. 1, p.1, [0009]) comprising at least two access 
point sections (APs I81-I84). 

It would therefore have been obvious to one of ordinary skill in the art to 
combine the teaching of Zhang with Li for the benefit of enabling a mobile 
communications device securely access a wireless LAN. 

Regarding claim 2, as applied to claim 1 , Li further discloses wherein said 
access control section and said cryptographic key control section are arranged in said 
gateway apparatus (wireless gateway 51, 52 and 53, see fig. 1, p.1, [0005], p.2, [0027]). 

Regarding claim 3, as applied to claim 1 , Li further discloses wherein access 
control section (wireless gateway 51, 52 and 53, see fig. 1, p.1, [0005]) comprises a 
control section that controls at least one access amount of an access time of said radio 
terminal apparatus or communication packet amount and requests said radio terminal 
apparatus for reauthentication when said access amount reaches a predetemiined 
amount (inherent, since the communication key between the AP and mobile host is 
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updated periodically, indicating that the wireless gateways 51-53 will then have to 
reauthenticate the mobile hosts, see, figs. 33a, 3b, p.3, [0032]-[0035]). 

Regarding claim 4, Li further discloses wherein said radio terminal apparatus 
(mobile hosts MHs, see fig. 1, p.1, [0005]) comprises an information card (inherent, 
since it well known that the mobile host has a SIM card to save information such as 
identity information I, see fig. 1, p.2, [0025]) which records ID information (identity 
information I, see fig. 1, p.2, [0025]) and uses the ID information recorded in said 
information card as an authentication ID at the time access authentication of said radio 
terminal apparatus (see p.2, [0025]). 

Regarding claim 6, Li.discloses an authentication server (authentication server, 
see p.2, [0025]) placed in a center station (backbone network, see fig. 1, p.1, [0005]) 
which carries out access authentication (see p.2, [0025]) of a radio terminal apparatus 
(mobile hosts MHs, see fig. 1 , p.1 , [0005]) in a wireless LAN access authentication 
system in a network system comprising a plurality of wireless LAN network systems 
(WLAN cells 1 , 2 and 3, see fig. 1 , p.1 , [0005]) and a center station that controls said 
plurality of wireless LAN network systems a centralized manner, each of said plurality of 
wireless LAN network systems comprising an access point section accessed by a radio 
terminal apparatus that transmits/receives a radio signal through a radio section 
and a gateway apparatus that relays transmission/reception of data signals and control 
signals between said access point sections (AP1 1 , AP21 and AP31 , see fig. 1 , p.1 . 
[0005]-[0006]), said center station comprising a center station gateway apparatus that 
relays transmission/reception of data signals and control signals between the gateway 
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apparatuses said plurality of wireless LAN network systems (inherent, since the 
backbone network 4 receives an authentication request containing identity information I 
and sends property information P to the AP through the wireless gateway, indicating 
that the backbone network has a gateway through which it routes the information from 
the authentication server to the wireless gateways of the WLAN cells, see fig. 1 , p.2, 
[0027]), said authentication server comprising: an access authentication section that 
performs access authentication when said radio terminal apparatus accesses a 
predetermined access point section of each of said wireless LAN networks 
(authentication server authenticates the mobile host according to the identity information 
I, see fig. 2a, p.2, [0027]); and a cryptographic key distribution section that distributes 
cryptographic keys (key see p.2, [0029]) of a radio section through which said radio 
terminal apparatus accesses each gateway apparatus of each of said wireless LAN 
networks all together (see p.2, [0027]). 

Li fails to disclose wherein each said plurality of wireless LAN network 
systems comprising at least two access point sections. 

In the same field of endeavor, Zhang discloses wherein said wireless LAN 
network system (wireless LAN 20, see fig. 1, p.1, [0009]) comprising at least two access 
point sections (APs 181-184). 

It would therefore have been obvious to one of ordinary skill in the art to 
combine the teaching of Zhang with Li for the benefit of enabling a mobile 
communications device securely access a wireless LAN. 
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Regarding claim 7, Li discloses a gateway apparatus (wireless gateway 51. 52 
and 53, see fig. 1, p.1, [0005], p.2, [0027]) in each of wireless LAN networks (WLAN 
cells 1, 2 and 3, see fig. 1, p.1, [0005]) in a wireless LAN access authentication system 
in a network system (WLAN system, see fig. 1, p.1, [0005]) comprising a plurality of 
wireless LAN network systems and a center station that controls said plurality of 
wireless LAN network systems in a centralized manner (backbone network, see fig. 1, 
p.1 , [0005]), each said plurality wireless LAN network systems comprising an access 
point section accessed by a radio terminal apparatus (mobile hosts MHs, see fig. 1, p.1, 
[0005]) that transmits/receives radio signal through a radio section (AP11, AP21 and 
AP31, see fig. 1, p.1, [0005]-[0006]), said center station comprising center station 
gateway apparatus that relays transmission/reception of data signals and control signals 
between the gateway apparatuses said plurality wireless LAN network systems 
(inherent, since the backbone network 4 receives an authentication request containing 
identity information I and sends property information P to the AP through the wireless 
gateway, indicating that the backbone network has a gateway through which it routes 
the information from the authentication server to the wireless gateways of the WLAN 
cells, see fig. 1, p.2, [0027]) and an authentication server (authentication server, see 
p.2, [0025]) that performs access authentication on said radio terminal apparatus which 
has accessed said access point section (authentication server authenticates the mobile 
host according to the identity information I, see fig. 2a, p.2, [0027]) and distributes 
cryptographic keys (key see p.2, [0029]) used for encryption of a radio section through 
which said access-authenticated radio terminal apparatus carries out communication to 
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said radio terminal apparatus and said access point section, said gateway apparatus 
comprising: transmission/reception section tliat transmits/receives said data signals and 
said control signals to/from the center station gateway apparatus said center station 
(wireless gateway 51, 52 and 53, see fig. 1, p.1, [0005], p.2, [0027]); an access control 
section that controls the situation of access of said radio tenninal apparatus to said 
authentication server within each of said wireless LAN networks and checks the 
presence/absence of access of said radio terminal apparatus to said authentication 
server when said radio terminal apparatus moves to a communication area of a new 
access point section (see fig. 1, p.1, [0005]); and a cryptographic key control section 
that controls said cryptographic keys distributed from said authentication server through 
said access control section and distributes, when it is confirmed that said radio tenninal 
apparatus which has moved to the communication area of the other access point 
section has already accessed said authentication server, said cryptographic key for the 
radio section through which said radio terminal apparatus carries out communication to 
said radio terminal apparatus and the new access point section the area to which said 
radio tenninal apparatus has moved (see fig. 1 , p.1 , [0006], p.2, [0027]). 

Li fails to disclose wherein each said plurality of wireless LAN network 
systems comprising at least two access point sections. 

In the same field of endeavor, Zhang discloses wherein said wireless LAN 
network system (wireless LAN 20, see fig. 1 , p.1 , [0009]) comprising at least two access 
point sections (APs I81-I84). 
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It would therefore have been obvious to one of ordinary skill in the art to 
combine the teaching of Zhang with Li for the benefit of enabling a mobile 
communications device securely access a wireless LAN. 

Regarding claim 8, as applied to claim 7, Li further discloses wherein said 
access control section (wireless gateway 51 , 52 and 53, see fig. 1 , p.1 , [0005]) 
comprises a control section that controls at least one access amount of an access time 
of said radio terminal apparatus or communication packet amount and requests said 
radio terminal apparatus for reauthentication when said access amount reaches a 
predetermined amount (inherent, since the communication key between the AP and 
mobile host is updated periodically, indicating that the wireless gateways 51-53 will then 
have to reauthenticate the mobile hosts, see, figs. 33a, 3b, p.3, [0032]-[0035]). 

Regarding claim 9, Li discloses a radio terminal apparatus (mobile hosts MHs, 
see fig. 1, p.1, [0005]) used in a wireless LAN access authentication system in a 
network system (WLAN system, see fig. 1 , p.1, [0005]) comprising a plurality of wireless 
LAN network systems (WLAN cells 1, 2 and 3, see fig. 1, p.1, [0005]) and a center 
station (backbone network, see fig. 1, p.1, [0005]) which controls said plurality of 
wireless LAN network systems in a centralized manner, each of said plurality of wireless 
LAN network systems comprising an access point section accessed by a radio terminal 
apparatus transmitting/receiving a radio signal through a radio section and a gateway 
apparatus that relays transmission/reception of data signals and control 
signals between said access point sections (AP11, AP21 and AP31, see fig. 1, p.1, 
[0005]-[0006]), said center station comprising a center station gateway apparatus that 
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relays transmission/reception of data signals and control signals between the gateway 
apparatuses of said plurality of wireless LAN network systems (inherent, since the 
backbone network 4 receives an authentication request containing identity information I 
and sends property information P to the AP through the wireless gateway, indicating 
that the backbone network has a gateway through which it routes the information from 
the authentication server to the wireless gateways of the WLAN cells, see fig. 1 , p,2, 
[0027]) and an authentication server that performs access authentication on said radio 
terminal apparatus which has accessed said access point section (authentication server 
authenticates the mobile host according to the identity information I, see fig. 2a, p.2, 
[0027]) and distributes the cryptographic key (key see p.2, [0029]) used for encryption of 
the radio section through which said access-authenticated radio terminal apparatus 
carries out communication to said radio terminal apparatus and said access point 
section, said radio terminal apparatus comprising an information card (inherent, since it 
well known that the mobile host has a SIM card to save information such as identity 
information I, see fig. 1, p.2, [0025]) in which ID information (identity information I, see 
fig. 1, p.2, [0025]) is recorded when access authentication is performed by said 
authentication server of said center station (see p.2, [0025]). 

Conclusion 

3. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. 

Wild et al (20040181692) discloses a method and apparatus for providing 
network service information to a mobile station by a wireless local area network. 



Application/Control Number: 10/527,200 Page 1 1 

Art Unit: 2686 

Whelan et al (20030219129) discloses a system and metliod for providing WLAN 
security through synchronized update and rotation of WEP keys. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Olumide T. Ajibade-Akonai whose telephone number is 
571-272-6496. The examiner can nomrially be reached on M-F, 8.30p-5p. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Marsha D. Banks-Harold can be reached on 571-272-7905. The fax phone 
number for the organization where this application or proceeding is assigned is 571- 
273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status infonnation for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 
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